New York’s Upstate Medical University Finds PhoneFactor to Be The Right Prescription for Their Authentication Needs

The Business Challenge:

Upstate Medical University, in Syracuse, New York, faced several challenges in providing their users with secure remote access to confidential patient data and critical applications. They had been using security tokens to provide an important second factor of authentication for remote access via SSL VPN from home and other remote locations. However, this system had proven to be expensive, required additional hardware, was cumbersome for IT to manage, and had outgrown its value. They also wanted a more flexible system to authenticate other employees that might be utilizing their own computer to login to Upstate Medical University’s business systems.

In both cases Upstate Medical University needed a two-factor authentication system that didn’t require the IT department to configure and support hardware or devices, was cost-effective and scalable, and was easy for clinicians and staff to utilize. Providing access to patient data has to be absolutely secure, and they found PhoneFactor’s simple, strong authentication solution to be just the right prescription.

The Solution:

Upstate Medical University implemented PhoneFactor with no headaches for either their users or their IT staff. Now instead of carrying a token, users authenticate with their phone. When they login, their phone rings, and they simply answer and enter a code on their phone’s keypad, immediately granting them access. If they are not logging in, they can press a different code to alert their IT department that attempted fraud is in progress.

Setting up new users is just as easy. PhoneFactor integrates with their existing LDAP server, so new users are automatically added to PhoneFactor and a basic training e-mail is sent out to teach them how to get started. If they need to make any changes, they can securely do so using a self-help menu.

“PhoneFactor is very straight-forward and easy to use,” according to R.J. Dollard, Manger of IT Customer Support Services. “We have had minimal support calls from our end users since its implementation and the process for configuring and training users is seamless for everyone.”

By migrating to PhoneFactor’s tokenless solution, Upstate Medical University realized a material cost savings. They have reduced their outside expenditures on tokens, hardware, and maintenance. They are no longer managing several hundred tokens and after hours support calls from clinicians and staff virtually disappeared. PhoneFactor runs on their existing hardware, so they no longer have to maintain an additional dedicated server for managing two-factor authentication. Plus, they are much more efficient when rolling out new users.

Upstate Medical University is pleased with PhoneFactor’s simple solution and stellar support. They plan to expand its use in several areas of their organization as they continue to automate their systems and processes.

“PhoneFactor delivers a robust and scalable solution to support the current and future security needs of the Upstate Medical University.” – R.J. Dollard, Manger of IT Customer Support Services, Upstate Medical University